English
Deutsch
Español
Français
Português/Brasil
Italiano
Apr
30
APWG Global Phishing Survey Musings
GM/Chief Security Officer
I always enjoy when new reports are released from various industry orgs that discuss the latest trends in spam, phishing, and cyber crime. Last week the Anti-Phishing Working Group released the results from their 2H 2011 Global Phishing Survey. There …
Tell me more
Categories: Commentary Commentary Standards View Comments
Feb
14
Ready to Learn More about DMARC? Join Our Webinar with ExactTarget
GM/Chief Security Officer
If you have any interest in the latest news around email, email security, or phishing you’ve probably heard the buzz following up last week’s announcement of a new technology to help fight phishing and spoofing emails called DMARC (which stands for Domain-based Message Authentication, Reporting & Conformance). Along with all of the interest that we have seen both from the media and from the industry-at-large, I’ve still seen a fair amount of confusion around what DMARC currently is and is not. I wanted to take a couple of moments to help provide a bit more clarity on the topic as well as discuss some of the upcoming ways in which Return Path is helping to continually educate the email and security world on DMARC.
Tell me more
Categories: Explanation Standards View Comments
Jan
30
DMARC.org: A Giant Step Forward in the Fight Against Phishing
GM/Chief Security Officer
We are very excited today to announce our participation in the founding of DMARC.org (Domain-based Message Authentication, Reporting and Conformance), a working group aimed at stopping email-borne security threats through authentication. The working group, which is launching publicly today, is a coalition of 15 companies dedicated to this mission, including AOL, Google, Microsoft and Yahoo!
Tell me more
Categories: News Standards View Comments
Jan
30
Return Path Joins with Google, AOL, Yahoo! and Microsoft to Found DMARC.org to Help Safeguard Consumers, Brands and ISPs from Phishing
Return Path’s Anti-Phishing Solution, Domain Assurance supports DMARC Specifications Enabling Companies to Implement DMARC Quickly and Easily
New York, NY – January 30, 2012 – Return Path, the world’s leading email certification and reputation monitoring company, today announced it is a founding member of DMARC.org (Domain-based Message Authentication, Reporting and Conformance), a technical working group dedicated to the development of internet standards for reducing the threat of deceptive emails known as phishing. DMARC has outlined a new vision for email authentication and published a draft specification that resolves the issues associated with widespread adoption of email authentication technologies. Leading internet service providers, including Google, Yahoo!, AOL and Microsoft, are founding members of DMARC. The group is led by Brett McDowell, Senior Manager of Customer Security Initiatives at PayPal, one of the world’s most highly spoofed brands. Return Path’s anti-phishing solution Domain Assurance supports the DMARC specifications today, enabling companies to quickly and easily implement DMARC.
Tell me more
Categories: News Press Releases Return Path Standards View Comments
Nov
15
A Marketer’s Field Guide to B2B Inboxes
Sr. Director, Deliverability Consulting
Sending email to corporate mailboxes has some unique challenges. You can have the best sending reputation in the world with consumer ISPs but find your email bulked or blocked by numerous corporate filters. The reason for this is that many businesses implement and administer their own email infrastructure and customize it based on their specific needs. These IT staffs have a plethora of hardware and software filtering options at their disposal and can configure them to their heart’s content. It can be very challenging to predict how your email will be handled from one business to another – even if they are using the same message filters.
Tell me more
Categories: Best Practices Standards View Comments
Mar
31
Debating Standards While the Sun Shines
The IETF — the Internet Engineering Task Force — is, simply put, the standards body for the internet. As a body, they’ve been responsible for nearly every technical protocol that makes the internet work, from TCP/IP and SMTP to more recent developments like IPv6 and OAuth.
It was a beautiful week to be in Anaheim, even in the ring of hotels surrounding Disneyland — temperatures above 70 degrees F., clear blue Southern California skies, while more than a foot of snow landed on Denver. But the 1,200 attendees of the IETF’s 77th meeting spent most of their time inside fluorescent-lit meeting rooms, engaged in deep engineering debates.
IETF is kind of the opposite of TED, that famous gathering of fast-talking deep thinkers. It still involves some of the smartest people in the world, but …
Categories: News Standards View Comments
Jun
16
Delivered May Not Mean To the Inbox
It’s no surprise that email marketers are often confused about the difference between a bounce rate and an inbox deliverability rate. Most email broadcast systems in the U.S. and Europe report something called “delivered.” It’s usually a pretty high number – like 98% or 93%. And your ESP would like you to judge them on that number, because it’s really high, and it’s easy for them to be confident that it will stay high.
The problem is that most vendors define “delivered” as the inverse of your bounce rate – the number of records on your file that either no longer exist (a hard bounce) or are having temporary delivery failure (a soft bounce), perhaps due to an out of office reply or a full mailbox or some glitch in the ISP server.
Most marketers who keep their lists clean and have good permission practices have a bounce rate of 1%-5%. Even if you outsource your bounce handling to your ESP, you are still responsible for how they manage the removal of names – so be sure you understand what they are doing on your behalf. Your bounce rate is a good number to have included in your reports. It tells you something about your list hygiene. But it tells you nothing about what happens to your emails. …
Categories: Explanation Standards View Comments
Jun
4
DomainKeys Identified Email Becomes Standard
Senior Product Manager
The Internet Engineering Task Force has approved DomainKeys Identified Email (commonly known as DKIM) as a technical standard for email. This clears the way for emailers to implement DKIM and for ISPs to potentially use it to either block or allow email through its system.
We actually think this is great news. It means that DKIM will eventually become the replacement to DomainKeys (DK) as the primary cryptographic-based authentication standard. DKIM has some great advantages over DK, but for my money the biggest one is “third party signing,” meaning it allows a domain other than the “From:” domain to sign the messages. There are many cases where the person sending the mail doesn’t control the “From:” domain. Third party signing solves that problem, and as a result makes it much more likely that large companies can sign all their mail, even when outsourced to an ESP.
So what’s a mailer to do? …
Categories: Explanation Standards Comments Off